<!DOCTYPE html>
<html lang="en">

<head>
  <meta charset="UTF-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>cors</title>
</head>

<body>

  <script>
    /* fetch('http://localhost:3000/cors', {
      method: 'get',
      // headers: {
      //   username: 'aaaa'
      // }
    }).then(res => res.json()).then(data => console.log(data)) */

    document.cookie = 'name=123;path=/'

    const xhr = new XMLHttpRequest()
    xhr.open('get', 'http://localhost:3000/cors', true)
    // xhr.setRequestHeader('username', 'zhangsan')
    // xhr.setRequestHeader('Cookie', 'name=1639360893')
    xhr.send()
    xhr.onreadystatechange = () => {
      if (xhr.readyState === 4 && xhr.status === 200) {
        // console.log(xhr.getResponseHeader('password'))
        console.log(xhr.responseText)
      }
    }

  </script>
</body>

</html>